Commit d7dfe53f31452f7e16bc53a7e5be439a251c95c6
1 parent
8f2588cc33
Exists in
master
Moved nginx configuration into nginxconf
Showing 1 changed file with 43 additions and 0 deletions Side-by-side Diff
nginxconf/flashy.cards
View file @
d7dfe53
| 1 | +upstream backend_production { | |
| 2 | + server localhost:7001; | |
| 3 | +} | |
| 4 | + | |
| 5 | +server { | |
| 6 | + server_name flashy.cards; | |
| 7 | + listen 443 ssl; | |
| 8 | + location / { | |
| 9 | + root /srv/flashy.cards/; | |
| 10 | + } | |
| 11 | + | |
| 12 | + location ~ /(api|static|admin|api-auth)/ { | |
| 13 | + proxy_pass http://backend_production; | |
| 14 | + proxy_redirect http://backend_production $scheme://flashy.cards; | |
| 15 | + proxy_set_header Host $host; | |
| 16 | + proxy_set_header X-Real-IP $remote_addr; | |
| 17 | + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| 18 | + } | |
| 19 | + | |
| 20 | + location ^~ /jenkins { | |
| 21 | + proxy_pass http://localhost:8080; | |
| 22 | + proxy_redirect http://localhost:8080 $scheme://flashy.cards; | |
| 23 | + proxy_set_header Host $host; | |
| 24 | + proxy_set_header X-Real-IP $remote_addr; | |
| 25 | + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| 26 | + proxy_read_timeout 90; | |
| 27 | + } | |
| 28 | + ssl_certificate /etc/nginx/ssl/bundle.crt; | |
| 29 | + ssl_certificate_key /etc/nginx/ssl/nginx.key; | |
| 30 | + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
| 31 | + ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS; | |
| 32 | + ssl_prefer_server_ciphers on; | |
| 33 | + keepalive_timeout 70; | |
| 34 | + ssl_session_cache shared:SSL:10m; | |
| 35 | + ssl_session_timeout 10m; | |
| 36 | + add_header Strict-Transport-Security "max-age=259200"; | |
| 37 | +} | |
| 38 | + | |
| 39 | +server { | |
| 40 | + server_name flashy.cards; | |
| 41 | + listen 80; | |
| 42 | + return 301 https://$host$request_uri; | |
| 43 | +} |